Ransomware attacks against the enterprise continue in the form of Accellion data leaks, full-fledged ransomware attacks, and more ransomware gangs targeting Microsoft Exchange.
Early in the week, it was discovered that a threat actor was deploying the Black Kingdom Ransomware on Microsoft Exchange servers. By the end of the week, Microsoft estimated that approximately 1,500 Exchange servers had been targeted in this group’s attack.
The Clop ransomware gang has continued to leak data stolen in Accellion attacks, with this week’s victims being energy giant Shell, the University of Miami, and the University of Colorado.
We also saw an increase in standard encrypting ransomware attacks targeting enterprise victims, such as Sierra Wireless, Stratus, and insurance giant CNA.
On a different note, Danny Palmer wrote an interesting piece on how a company handled a recent ransomware attack and did not pay the ransom.
Contributors and those who provided new ransomware information and stories this week include: @BleepinComputer, @Ionut_Ilascu, @demonslay335, @jorntvdw, @PolarToffee, @malwrhunterteam, @FourOctets, @struppigel, @LawrenceAbrams, @malwareforme, @Seifreed, @DanielGallagher, @serghei, @VK_Intel, @fwosar, @CrowdStrike, @BrettCallow, @MalwareTechBlog, @MsftSecIntel, @fbgwls245, @siri_urz, @Amigo_A_, @dannyjpalmer, @campuscodi, @ValeryMarchive, and @alexscroxton.
March 21st 2021
S!Ri found a new Pay2Decrypt variant that appends the .aes extension.
March 22nd 2021
Microsoft Exchange servers now targeted by Black Kingdom ransomware
Another ransomware operation known as ‘Black Kingdom’ is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers.
Energy giant Shell discloses data breach after Accellion hack
Energy giant Shell has disclosed a data breach after attackers compromised the company’s secure file-sharing system powered by Accellion’s File Transfer Appliance (FTA).
Jakub Kroustek found a new Dharma ransomware variant that appends the .bqd2 extension.
March 23rd 2021
Ransomware attack shuts down Sierra Wireless IoT maker
Sierra Wireless, a world-leading IoT (Internet of Things) solutions…